Authorization of a trading strategy algorithm

ABSTRACT

Systems, methods, and computer-readable storage media are provided for authorizing a trading algorithm prior to execution of the trading algorithm. An example method includes receiving a trading algorithm definition associated with a unique identifier and sending the unique identifier to an algorithm server that is operable to execute programming code representing the trading algorithm. The unique identifier may be associated with a trader authorized to execute the programming code. The algorithm server may check the unique identifier prior to execution of the programming code to ensure that the trading algorithm has been authorized.

BACKGROUND

An electronic trading system generally includes a client device incommunication with an electronic exchange. The electronic exchangetransmits market data to the client device. Market data includes, forexample, price data, market depth data, and last traded quantity data.In some electronic trading systems, the client device sends trade ordersto the electronic exchange. Alternatively or in addition, a server sidedevice sends the trade orders to the electronic exchange. Upon receivingthe trade order, the electronic exchange enters the trade order into anexchange order book and attempts to match quantity of the trade orderwith quantity of one or more contra-side trade orders.

Electronic exchanges have made it possible for an increasing number ofparticipants to be active in a market at any given time. The increase inthe number of potential market participants has led to, among otherthings, a more competitive market and greater liquidity. In thecompetitive environment of electronic trading, where every second or afraction of second counts in intercepting trading opportunities, tradingalgorithms are beneficial for automating electronic trading.

BRIEF DESCRIPTION OF THE DRAWINGS

Certain examples are described with reference to the following drawings.

FIG. 1 illustrates an example electronic trading system in which certainexample systems, apparatus, and/or methods may be employed.

FIG. 2 illustrates a flow diagram depicting an example method forauthorizing a trading algorithm.

FIGS. 3A-3J illustrate flow diagrams depicting example methods forauthorizing a trading algorithm.

FIG. 4 illustrates an aspect of an example trading algorithm designapplication.

FIGS. 5A-5B illustrate an aspect of an example trading algorithmauthorization application.

FIG. 6 illustrates an aspect of the example trading algorithm designapplication of FIG. 4.

FIG. 7 illustrates an aspect of the example trading algorithm designapplication of FIG. 4.

FIG. 8 illustrates a block diagram of an example computing device thatmay be used to implement the described examples.

The foregoing summary and the following detailed description will bebetter understood when read in conjunction with the drawings. Thedrawings show certain examples. It should be understood, however, thatthe examples are not limited to the arrangements and instrumentalityshown in the attached drawings.

DETAILED DESCRIPTION

The disclosed examples relate to the authorization of a tradingalgorithm by a third-party (referred to herein as a “risk manager”),before programming code corresponding to that trading algorithm may beexecuted in a live environment.

Electronic trading applications enable a user (for example, a trader) todesign a trading algorithm. Trading algorithms generally specify thatcertain trading actions should be taken when certain market conditionsoccur and/or are detected. Example trading actions include submitting,cancelling, and re-pricing an order.

Electronic trading applications may also, or instead, allow the user toupload the trading algorithm to a server device. The server device mayautomatically execute the trading algorithm. A user designing and/orfacilitating execution of a trading algorithm may not have sufficientexperience and/or interest to identify, weigh or appreciate thepotential risks that a trading algorithm may create when thecorresponding programming code is executed. Large sums of money andresources, along with liabilities associated with duties related to thecorresponding funds, may be tied to each transaction implemented by thetrade algorithm.

In some examples, a trading algorithm may be authorized before executionon the server device. Authorizing a trading algorithm may includeemploying a unique identifier of a trading algorithm and/or a definitionof the trading algorithm. In some examples, the unique identifier isgenerated anytime a trading algorithm definition is saved, changed,and/or sent to the risk manager. Examples of unique identifiers includehash codes and globally unique identifiers (GUID). In some examples, theunique identifier changes at one or more times and/or in response to oneor more events (for example, when the trading algorithm definition issaved). In some examples, changing the unique identifier prevents atrader from making changes to a trading algorithm after a risk managerhas approved the trading algorithm. This prevents the trader fromexecuting a trading algorithm that has not been approved.

Some examples may provide human oversight of trading algorithms, enablemore experienced traders to monitor less experienced traders, andprovide risk managers greater control over a portfolio of tradingalgorithms.

Some examples include, among other components, software executed onhardware. The examples are merely illustrative and should not beconsidered as limiting. For example, it is contemplated that any or allof these hardware and software components could be embodied exclusivelyin hardware, exclusively in software, exclusively in firmware, or in anycombination of hardware, software, and/or firmware. Accordingly, thedisclosed examples may be implemented in other ways.

I. Brief Description

In an example, a method includes receiving, using a computing device, atrading algorithm definition corresponding to a trading algorithmdesigned using a trading algorithm design interface. The tradingalgorithm definition is to be used to execute a trading strategy. Theexample method includes receiving, using the computing device, a userinput authorizing the trading algorithm definition to be executed on analgorithm server operable to execute programming code representing thetrading algorithm. The example method includes sending, in response toreceiving the user input, using the computing device, a uniqueidentifier corresponding to the trading algorithm definition. Theexample unique identifier is associated with the programming coderepresenting the trading algorithm and with a trader authorized toexecute the programming code.

In an example, a tangible computer-readable storage medium includesinstructions that, when executed, cause a computing device to accept areceived trading algorithm definition corresponding to a tradingalgorithm designed using a trading algorithm design interface. Theexample instructions, when executed, cause the computing device to send,in response to receiving a user input authorizing the trading algorithmdefinition to be executed on an algorithm server, a unique identifiercorresponding to the trading algorithm definition. The example uniqueidentifier is associated with programming code stored to the algorithmserver representing the trading algorithm and with a trader authorizedto execute the programming code.

In an example, a tangible computer-readable storage medium includesinstructions that, when executed, cause a computing device to implementa user interface operable to at least display a trading algorithmdefinition corresponding to a trading algorithm designed on a clientcomputing device, to enable a risk manager to review the tradingalgorithm. The example user interface is operable to receive at leastone user input authorizing the trading algorithm definition to beexecuted on an algorithm server, and requesting that a unique identifiercorresponding to the trading algorithm definition be sent to thealgorithm server. The example user interface is operable to send anotification to a device to be accessed by a user, indicating that theunique identifier has been sent to the algorithm server.

In an example, a method includes accepting a received approved tradingalgorithm, a received trader identifier, and a unique identifiercorresponding to the approved trading algorithm. The example methodincludes determining in response to receiving an authorizationidentifier whether the authorization identifier corresponds to at leastone of the trader identifier or the unique identifier. The examplemethod includes executing, in response to the authorization identifiercorresponding to at least one of the trader identifier or the uniqueidentifier, programming code representing the approved tradingalgorithm. The example method includes rejecting, in responsive to theauthorization identifier not corresponding to at least one of the traderidentifier or the unique identifier, the programming code and sending anotification indicating that the programming code was not executed.

In an example, a tangible computer-readable storage medium includesinstructions that, when executed, cause a computing device to at leastaccept a received approved trading algorithm. The example instructions,when executed, cause the computing device to store the approved tradingalgorithm, a trader identifier, and a unique identifier corresponding tothe approved trading algorithm. The example instructions, when executed,cause the computing device to accept a received authorizationidentifier. The example instructions, when executed, cause the computingdevice to determine whether the authorization identifier corresponds toat least one of the trader identifier or the unique identifier. Theexample instructions, when executed, cause the computing device to, inresponse to the authorization identifier corresponding to at least oneof the trader identifier or the unique identifier, execute programmingcode representing the approved trading algorithm. The exampleinstructions, when executed, cause the computing device to, in responseto the authorization identifier not corresponding to at least one of thetrader identifier or the unique identifier, reject the programming codeand send a notification indicating that the programming code was notexecuted.

II. Electronic Trading System

FIG. 1 illustrates an example electronic trading system 100 in whichcertain of the disclosed examples may be employed. The example tradingsystem 100 of FIG. 1 includes a client device 112, a risk-manager device114, a server device 122 (which may also be referred to as “server-sidedevice” or “algorithm server”), a gateway 124, and an electronicexchange 126. The client device 112 and the risk-manager device 114 arein communication with each other and with the server device 122 and thegateway 124. The gateway 124 is in communication with the exchange 126.As used herein, the phrase “in communication with” includes directcommunication and indirect communication through one or moreintermediary components.

A. Client Device

The client device 112 is operable to send orders to buy or selltradeable objects at the exchange 126. A user (for example, a trader)may utilize the client device 112 to send the orders. The orders aresent through the gateway 124 to the exchange 126. In addition, marketdata (for example, current prices, index values, etc.) is sent from theexchange 126 through the gateway 124 to the client device 112. The usermay also utilize the client device 112 to monitor the received marketdata that may form the basis of a decision whether to send an order fora tradeable object.

As used herein, the term “tradeable object” refers to anything that maybe traded with a quantity and/or a price. For example, tradeable objectsinclude financial products such as stocks, options, bonds, futures,currency, warrants, funds derivatives, securities, commodities, tradedevents, goods, and combinations of these. A tradeable object may be realor synthetic. A real tradeable object includes products listed by anexchange. A synthetic tradeable object includes products defined by theuser and not listed by an exchange. A synthetic tradeable object mayinclude a combination of real (or other synthetic) products such as asynthetic spread created by a trader utilizing, for example, the clientdevice 112.

The example client device 112 of FIG. 1 may be a computing device havinga processor and memory. The client device 112 may include one or moreelectronic computing platforms such as a hand-held device, laptop,desktop computer, workstation with a single or multi-core processor,server with multiple processors, and/or cluster of computers. Whiledepicted as a single device in FIG. 1, the client device 112 may includea trading terminal in communication with the server device 122 and/or aserver other than the server device 122. The trading terminal mayprovide a trading screen to a user and may communicate commands to theserver for further processing of the user's inputs (for example,commands for placing orders) through the trading screen.

The example client device 112 of FIG. 1 is generally owned, operated,controlled, programmed by, configured by, and/or otherwise used by auser. The term “user” refers to, but is not limited to, a human (forexample, a trader) or an electronic trading device (for example,including a processor and memory or an algorithmic trading system). Oneor more users may, for example, be involved in the ownership, operation,control, programming, configuration, and/or other use of the clientdevice 112.

The example client device 112 of FIG. 1 may include an electronictrading workstation, a portable trading device, an algorithmic tradingsystem such as a “black box” or “grey box” system, an embedded tradingsystem, and/or an automated trading tool. For example, the client device112 may be a computing device running a copy of X_TRADER®, an electronictrading platform provided by Trading Technologies International, Inc. ofChicago, Ill. In some examples, the client device 112 may be a computingdevice running an automated trading tool such as AUTOSPREADER® and/orAUTOTRADER™, also provided by Trading Technologies International, Inc.

The example trading system 100 may include more than one client device112. For example, multiple client devices similar to the client device112 may be in communication with the gateway 124 to send orders to theexchange 126. The example client device(s) 112 may include one or morecomputing devices or processing components. In other words, thefunctionality of the client device(s) 112 may be performed by onecomputing device or more than one computing device. For example, onecomputing device may generate orders in association with the clientdevice(s) 112 to be sent to the exchange 126 while another computingdevice may provide a graphical user interface to a trader in associationwith the client device 112.

1. Algorithm Design Application

With continued reference to the example in FIG. 1, the client device 112is configured to execute a trading algorithm design application 116. Thetrading algorithm design application 116 may be stored in memory. Aprocessor may retrieve and execute instructions related to the tradingalgorithm design application 116.

In some examples, the trading algorithm design application 116 may bestored to a portable computer-readable storage medium (for example, acompact disc), and the client device 112 may be configured to executethe trading algorithm design application 116 from the portable storagemedium. In some examples, the trading algorithm design application 116may reside on the server device 122 or a different server device and bemoved or loaded to the client device 112 (for example, by downloadingthe trading algorithm design application 116 from a file or applicationdevice). These examples are illustrative, not limiting, and the exampleclient device 112 of FIG. 1 may be configured in various other ways toexecute the example trading algorithm design application 116.

The trading algorithm design application 116 may provide a visual designlab having and/or associated with a graphical user interface, an examplebeing ADL™ (which may be referred to Algo Design Lab), provided byTrading Technologies International, Inc. of Chicago, Ill. Variousembodiments of ADL are described in U.S. patent application Ser. No.12/905,709, filed on Oct. 15, 2010, which is incorporated herein byreference in its entirety.

A visual design lab may include a trading interface according to certainembodiments. The trading interface is a trading interface for analgorithmic trading application referred to as ADL. The ADL allows atrader to design an algorithm for electronic trading. However, it shouldbe understood that elements of the illustrated trading interface may beincorporated into other trading interfaces.

A trading interface may include a design canvas area, a block list area,a variable area, and a control area. In certain examples, one or more ofthese areas may be in separate windows or toolbars. For example, theblock list area may be in a separate window from the design canvasareas. The design canvas area provides a visual programming environmentfor designing the algorithm. Designing an algorithm may includebuilding, testing, simulating, and/or evaluating the algorithm. Defaultvalues for user-defined variables in the algorithm may be specifiedusing the variable area. A parameter may be an input to the tradingalgorithm. A parameter may be a variable-value type. A parameter may bechanged, for example, prior to or during execution of a tradingalgorithm.

The example trading algorithm design application 116 may enable a userto design, at least in part, a trading algorithm, which may be used tofacilitate, for example, automated electronic trading. A tradingalgorithm may specify that certain trading actions should be taken whencertain market conditions occur and/or are detected. Example tradingactions include submitting, cancelling, and re-pricing an order. Whenthe trading algorithm is launched on the client device 112 (for example,by a user using a trading tool), the server device 122 begins to executethe programming code representing the trading algorithm. The serverdevice 122 may receive market data from the exchange 126 and monitor anelectronic market. Based on information in the electronic market, theserver device 122 may perform the trading actions specified in thetrading algorithm when suitable conditions occur and/or are detected.

A trading algorithm is specified by a trading algorithm definition. Atrading algorithm definition may define the design of a tradingalgorithm and enable the trading algorithm to be saved and viewed, forexample, at a later time and/or on one or more different computingdevices. In addition, the trading algorithm definition may enable thetrading algorithm to be viewed (for example, graphically) using thetrading algorithm design application 116. For example, graphicalrepresentations may be selected, manipulated, and/or placed using aninterface in relation to other graphical representations to provide atrading algorithm definition. The trading algorithm definition includeslogic expressions and parameters that describe the trading algorithm tobe used in trading. Logic expressions specify the relationship betweentrading algorithm parameters and may generate more parameters.Parameters may include, for example, inputs into the logic expressionsof the trading algorithm. The parameters may be variables.

With continued reference to the example in FIG. 1, the example tradingalgorithm design application 116 may at least in part specify thetrading algorithm definition. The trading algorithm design application116 may enable a user to specify parameters to be used by predefinedlogic expressions. In some examples, the trading algorithm designapplication 116 may enable a user to specify some or all of the logicexpressions and some or all of the parameters. A trading algorithm forwhich a user specifies logic expressions is a user-defined tradingalgorithm.

Based on the trading algorithm definition, instructions or logic may begenerated. Instructions or logic are herein referred to as programmingcode. Programming code may, for example, be source code,intermediate-language code, or machine-executable instructions.Generation of programming code may include, for example, compilation ofgenerated source code or intermediate language code. Once programmingcode is generated, the programming code may be simulated and/or used totrade according to the defined trading algorithm.

The example trading algorithm design application 116 may generate atrading algorithm, a trading algorithm definition, and/or programmingcode associated with the trading algorithm.

2. Trading Application

The client device 112 may be configured to execute one or more tradingapplications 118. The trading application(s) 118 generally enable,assist with, and/or facilitate electronic trading. Example tradingapplications may provide trading tools that include, but are not belimited to, charts, trading ladders, order entry tools, automatedtrading tools, automated spreading tools, risk management tools, orderparameter tools, order entry systems, market grids, fill windows, andmarket order windows, combinations thereof, and/or other electronictools used for trading, preparing to trade, or managing trades.

The trading application(s) 118 may process market data by arranging anddisplaying the market data in trading and charting windows on one ormore presentation devices associated with the client device 112. Themarket data may be received from the exchange 126 and/or a simulationenvironment that provides historical data and/or simulates an exchangebut does not effectuate real-world trades. This processing may be basedon user preferences. The trading application(s) 118 may include anautomated trading tool such as an automated spread trading tool. Thetrading application(s) may be distributed across one or more of thecomputing devices of the client device 112. In some examples, certaincomponents of a trading application are executed on a tradingworkstation and other components of the trading application are executedon a server in communication with the workstation.

The trading application(s) 118 may be stored to a memory of the clientdevice 112. Certain components of the trading application(s) 118 may bestored on a trading workstation and other components of the tradingapplication(s) 118 may be stored on a server in communication with theworkstation. In certain examples, one or more components of the tradingapplication(s) 118 may be loaded into the computer readable medium ofthe client device 112 from another computer readable medium. In someexamples, the trading application(s) 118 (or updates to the tradingapplication(s) 118) may be stored by a manufacturer, developer, orpublisher on one or more CDs or DVDs, which are then provided to someoneresponsible for loading the application onto the client device 112 or toa server from which the client device 112 retrieves the tradingapplication(s) 118. In some examples, the client device 112 receives thetrading application (or updates to the trading application) from aserver (for example, through the Internet or an internal network). Theclient device 112 may receive a trading application or an update to thetrading application when requested by the client device 112 (forexample, using “pull distribution”) and/or un-requested by the clientdevice 112 (for example, using “push distribution”).

The trading application(s) 118 may create and/or send a trade order. Atrade order is a message including an order to buy or sell a tradeableobject, for example, at a particular price and/or a particular quantity.In some examples, the trading application(s) 118 may calculate one ormore parameters for a trade order and automatically send the tradeorder. In some examples, the trading application(s) 118 may prepare thetrade order to be sent but not actually send it without confirmationfrom the user.

The client device 112 may include a display device to present atext-based or graphical interface of the trading application(s) 118 to auser. Example display devices include computer monitors, hand-helddevice displays, projectors, and/or televisions. A user interface may bedisplayed on the display device. The user interface may be used by theuser to specify or review parameters for an order using a tradingapplication.

The client device 112 may include one or more input devices forreceiving input from a user. Example input devices include a keyboard,trackball, two or three-button mouse, and/or touch screen. The clientdevice 112 may include other devices for interacting with a user. Forexample, information may be aurally provided to a user through a speakerand/or received through a microphone.

The trading application(s) 118 may generate one or more trading screensto enable a trader to interact with one or more markets. Trading screensmay enable traders to obtain and view market information, set orderentry parameters, enter and cancel orders, and/or monitor positionswhile implementing various trading strategies, for example. For example,the trading application(s) 118 may receive market data (such as bidprices, bid quantities, ask prices, ask quantities, prices andquantities for past sales, and/or other market related information) fromthe exchange 126 of FIG. 1 which, in turn, may be displayed with a userinterface of client device 112. Based on the received information, thetrading screen(s) may display a range of price levels and correspondingbid and ask quantities for the price levels in regard to tradeableobjects, for example. The information may be continuously or regularlyprovided to the trading application(s) 118, which enables the tradingapplication(s) 118 to update the trading screen(s) with current marketinformation. A trader may use the trading screen to place buy and sellorders for tradeable objects or to otherwise trade the tradeable objectsbased on the displayed information, for example.

B. Risk Manager Device

Authorizing a trading algorithm generally includes requiring approvalfrom a person other than a user who designs and/or facilitates executionof the trading algorithm in a live environment. In some example systems,such a designated approver is referred to as a risk manager. Forexample, the risk manager may be a manager, administrator, experiencedtrader, or government official. In some examples, the risk managerrefers to a plurality of reviewing individuals and/or devices that formreviewing groups or teams.

With continued reference to the example in FIG. 1, the system 100includes a risk manager device 114. The risk manager device 114 mayenable a risk manager to review and/or approve the trading algorithm.The risk manager device 114 may be authorized to review and/or approvethe trading algorithm independent of the human risk manager. Forexample, the risk-manager device 114 may be a computing deviceconfigured to, among other things, execute an authorization application119 that enables a risk manager to review and/or approve a tradingalgorithm. In some examples, the authorization application 119 isconfigured to review and/or approve the trading algorithm withoutintervention from the risk manager. For example, the authorizationapplication 119 may automatically review and/or approve the tradingalgorithm with no or minimal input from the risk manager. In someexamples, the authorization application 119 may be configured to analyzethe trading algorithm and present an analysis of the trading algorithm(for example, through a user interface of the risk manager device 114)to a risk manager, who may then approve or reject the trading algorithmusing a user interface of the risk manager device 114 and/or of theauthorization application 119. These examples are illustrative, and thedescribed example risk-manager devices may be implemented in additionalor alternative manners.

The risk manager device 114 is in communication with the client device112, the server device 122, and the gateway 124. In some examples, therisk-manager device 114 need not be in communication with the serverdevice 122 and/or the gateway 124 and, instead, may be in communicationonly with the client device 112. The example risk manager device 114 maybe configured to execute one or more trader applications (for example,X_TRADER) and/or trading algorithm design tools (for example, ADL). Insome examples, the trader application(s) and/or trading algorithm designtool(s) may be configured to function as the authorization application119.

The example risk manager device 114 of FIG. 1 may be configured toreceive information relating to a designer and/or user of a tradingalgorithm (for example, a trader to be authorized or refused access tothe trading algorithm). Information relating to a designer and/or userof a trading algorithm may include, for example, a trader identifierand/or trader experience level. The risk manager device 114 may beconfigured to receive information relating to the trading algorithmand/or trading algorithm definition. Information relating to the tradingalgorithm and/or trading algorithm definition may include, for example,a trading algorithm, trading algorithm definition, unique identifier ofa trading algorithm and/or trading algorithm definition, and programmingcode corresponding to a trading algorithm. The risk manager device 114may receive information relating to the trading algorithm, the tradingalgorithm definition, the designer and/or user of the trading algorithm,or any combination of this information from the client device 112 and/orfrom another device. The risk manager device 114 may receive theinformation in any suitable manner. In some examples, a trader sends ane-mail to the example risk-manager device 114 that includes informationrelating to the trader and/or a trading algorithm, and the risk managerthen uses software running on the risk-manager device 114 (for example,the authorization application 119) or another device to download theinformation. In some examples, software on the risk-manager device 114(for example, the authorization application 119) imports the informationfrom the e-mail without intervention from the risk manager. In someexamples, a trader uploads information to a server, a shared website, ora central repository, and the risk manager then uses software (forexample, the authorization application 119) associated with therisk-manager device 114 or any other suitable device to retrieve theinformation from the server, shared website, or repository. In someexamples, software (for example, the authorization application 119)associated with the example risk-manager device 114 imports theinformation without intervention from the risk manager.

The risk manager device 114 may receive the information as one or morefiles. In some examples, the risk manager device 114 may receive one ormore files (for example, an “.algo” file or a “.str” file). In someexample, the risk manager device 114 receives a container filecontaining multiple files. In some examples, a first file includesinformation relating to a trading algorithm, and a second file includesa unique identifier of the trading algorithm. The first file may beindependent of (e.g., different than) the second file. In some examples,a first item of information is embedded in a file relating to a seconditem of information. For example, the risk-manager device 114 mayreceive a trading algorithm file, in which there is embedded a uniqueidentifier of the trading algorithm to be reviewed, as disclosed ingreater detail below.

C. Gateway

In the illustrated example of FIG. 1, orders from the client device 112are sent to the exchange 126 through the gateway 124. The client device112 may communicate with the gateway 126 using, for example, a localarea network, a wide area network, a virtual private network, a T1 line,a T3 line, an ISDN line, a point-of-presence, the Internet, or acombination of these. The gateway 124 communicates with, and facilitatescommunication between, the client device 112 and the exchange 126. Forexample, the gateway 124 may receive orders from the client device 112and transmit the orders to the exchange 126. For example, the gateway124 may receive market data from the exchange 126 and transmit themarket data to the client device 112.

The gateway 124 may perform processing on data communicated between theclient device 112 and the exchange 126. For example, the gateway 124 mayprocess an order received from the client device 112 into a data formatacceptable by the exchange 126. The gateway 124 may transform marketdata in an exchange-specific format received from the exchange 126 intoa format understood by the client device 112. The processing of thegateway 124 may include tracking orders from the client device 112 andupdating the status of the orders based on fill confirmations receivedfrom the exchange 126. In some examples, the gateway 124 coalescesmarket data from the exchange 126 and provides the coalesced market datato the client device 112. In some examples, the gateway 124 providesservices other than processing data communicated between the clientdevice 112 and the exchange 126. For example, the gateway 124 mayprovide risk processing.

The example trading system 100 may include more than one gateway 124.For example, multiple gateways similar to the gateway 124 may be incommunication with the client device 112 and/or the exchange 126. Suchan arrangement may be used to provide, among other things, scalability,load balancing, and redundancy, should one or more gateways fail.

The gateway 124 may be a computing device including a processor andmemory. The gateway 124 may include one or more electronic computingplatforms such as, for example, a hand-held device, laptop, desktopcomputer, workstation with a single or multi-core processor, server withmultiple processors, and/or cluster of computers.

The gateway 124 may include one or more gateway applications. Thegateway application(s) may, for example, handle order processing andmarket data processing. This processing may be based on userpreferences, for example.

The gateway 124 may communicate with the exchange 126, for example,through a local area network, a wide area network, a virtual privatenetwork, a T1 line, a T3 line, an ISDN line, a point-of-presence, theInternet, or a combination of these.

The gateway 124 may be part of the example client device 112. Forexample, the components of the gateway 124 may be part of the samecomputing platform as the client device 112. In some examples, one ormore aspects of the functionality of the gateway 124 may be performed byone or more components of the client device 112. In some examples, theexample trading system 100 may not include the gateway 124 and/orinvolve examples in which the gateway 124 is circumvented. Such anarrangement may occur when the client device 112 does not need toutilize the gateway 124 to communicate with the exchange 126. The clientdevice 112, for example, may be adapted to communicate directly with theexchange 126. The gateway 124 may be located at the same physical siteas the client device 112 or the exchange 126 or at a site physicallyseparate from both the client device 112 and the exchange 126.

D. Server Device

With continued reference to the example in FIG. 1, the example system100 includes a server device 122. The server device 122 may include acomputing device having a processor and memory. The server device 122is, but need not be, collocated with the exchange 126. For example, theserver device 122 may be a server that is physically located at, near,or in the exchange 126. The server device 122 may be adapted to worktrade orders with the exchange 126, for example, in accordance with atrading algorithm. Working an order may include submitting an order,re-quoting an order, cancelling an order, sending a hedge order,managing an outstanding order, or any combination thereof. Outstandingorders are orders that have been submitted to an exchange system buthave not been filled. The exchange 126 may attempt to match all or someof an outstanding order with a contra-side order. Managing anoutstanding order may include, for example, reporting back to the clientdevice, tracking market updates, or otherwise performing one or moretrading functions. An example of a server device is a server running aserver-based spreader, such as Auto Spreader® Strategy Engine (ASE),which is provided by Trading Technologies International, Inc. An ASE mayenhance the performance of a client-based spreader, such as AutoSpreader®, which is also provided by Trading Technologies International,Inc.

The server device 122, among other things, is configured to executeprogramming code corresponding to trading algorithms. The server device122 may execute programming code corresponding to a trading algorithm ina live environment. A live environment generally refers to anenvironment other than a simulation environment.

The server device 122 is configured to receive a trading algorithm,programming code corresponding to the trading algorithm, one or moreidentifiers corresponding to the programming code and/or tradingalgorithm, or any combination thereof. Such information may be stored tothe server device 122. For example, the server device 122 may have oneor more processors and one or more processor-readable media for storingsuch information.

E. Exchange

The example system 100 includes an exchange 126, which is adapted toprovide market data. The market data may, for example, be provided tothe client device 112. The market data may be provided to the clientdevice 112 through the gateway 124. The market data may include datathat represents the inside market, which is the lowest sell price (whichmay be referred to as the “best ask”) and the highest buy price (whichmay be referred to as the “best bid”) at a particular time. The marketdata may also include market depth. Market depth may refer to thequantities available at the inside market and/or may also refer toquantities available at other prices away from the inside market. Themarket data may, for example, also include information such as the lasttraded price (LTP), the last traded quantity (LTQ), and order fillinformation.

The exchange 126 matches orders to buy and sell tradeable objects. Thetradeable objects may be listed for trading by the exchange 126. In theexample of FIG. 1, the orders may include orders received from theclient device 112. Orders may be received from the client device 112through the gateway 124. Additionally or alternatively, the orders maybe received at the exchange 126 from other devices in communication withthe exchange 126. For example, the exchange 126 may be in communicationwith a plurality of client devices (which may be similar to clientdevice 112) that also provide orders to be matched.

In general, the exchange 126 may include a computing device having aprocessor and memory. The exchange 126 may be owned, operated,controlled, and/or used by an exchange entity. Example exchange entitiesinclude the CME Group, the London International Financial Futures andOptions Exchange (“LIFFE”), the IntercontinentalExchange (“ICE”), andEurex. The exchange 126 may be an electronic matching system, such as acomputer, server, or other computing device, that is adapted to enabletradeable objects, for example, offered for trading by the exchange 126,to be bought and sold.

The example trading system 100 may include more than one exchange 126.For example, the gateway 124 may be in communication with multipleexchanges similar to the exchange 126. Such an arrangement may enablethe client device 112 to trade at more than one exchange through thegateway 124.

For clarity, other devices have not been shown in connection with theexample trading system 100. However, the example system 100 of FIG. 1may include additional or alternative devices or components such asmiddleware, firewalls, hubs, switches, routers, exchange-specificcommunication equipment, modems, security managers, encryption devices,etc.

III. Authorization

In some examples, a process of authorizing a trading algorithm employs aunique identifier of a trading algorithm and/or the trading algorithmdefinition. A unique identifier may be an identifier that is unique to agiven trading algorithm and/or trading algorithm definition. Forexample, a unique identifier may include information sufficient todistinguish a given trading algorithm and/or trading algorithmdefinition from another trading algorithm and/or trading algorithmdefinition. A unique identifier may also, or instead, be unique to agiven version of a trading algorithm and/or trading algorithmdefinition. For example, a unique identifier may include informationsufficient to distinguish the version of a trading algorithm and/ortrading algorithm definition from another trading algorithm and/ortrading algorithm definition.

An example of a unique identifier is a hash code generated based on thetrading algorithm, the definition of the trading algorithm, and/or theprogramming code corresponding to the trading algorithm. A hash codegenerally results from a hash function. A hash function is generally awell-defined procedure or mathematical function that converts avariable-sized amount of data into the hash code. Hash functionsinclude, but are not limited to, MD5 and SHA-1. In some examples, theunique identifier is a random or pseudorandom series of numbers and/orletters. Example unique identifiers include universally uniqueidentifiers (UUID) and globally unique identifiers (GUID). For example,a GUID may be created by “myGuid=Guid.NewGuid( )” in .NET framework.Other functions, libraries, or frameworks may provide mechanisms thatcan be used to create GUIDs as well.

A unique identifier may be generated at one or more times and/or inresponse to one or more events. For example, a unique identifier may begenerated anytime a trading algorithm definition is saved or changed. Insome examples, a unique identifier is generated just before a tradingalgorithm, trading algorithm definition and/or unique identifier is sentto the risk manager. In some examples, a unique identifier is generatedwhen a trading algorithm definition is uploaded to the risk manager.

In the illustrated example of FIG. 1, the unique identifier may begenerated by the client device 112, the risk-manager device 114, theserver device 122, and/or any other suitable device. For example, theclient device 112 may generate a unique identifier when a user of theclient device 112 modifies the corresponding trading algorithmdefinition. In some examples, the risk-manager device 114 generates aunique identifier when the risk manager approves the trading algorithmdefinition. In some examples, the server device 122 generates a uniqueidentifier when the server device 122 receives an approved tradingalgorithm, an approved trading algorithm definition, and/or programmingcode corresponding to an approved trading algorithm. In some examples, agovernment auditor reviews and approves a trading algorithm definition,and then facilitates the generation of a unique identifier (for example,using a computer program on a computing device).

A unique identifier may be generated by any suitable software, hardware,or software- and hardware-based configuration. For example, a uniqueidentifier may be generated by the example trading algorithm designapplication 116 (for example, ADL), an authorization application, atrading tool, or any other suitable software- and/or hardware-basedconfiguration.

A unique identifier may change at one or more times and/or in responseto one or more events. For example, a unique identifier associated witha trading algorithm definition may change each time the tradingalgorithm definition is saved, changed, uploaded, modified, approved,etc. Changing a unique identifier can, for example, prevent a traderfrom making changes to a trading algorithm after the trading algorithmhas been approved by a risk manager.

In some examples, unique identifiers do not change in response tochanging parameters. As mentioned above, a parameter may include, forexample, an input into the logic expressions of the trading algorithm.For example, a trading algorithm may include a conditional statementthat indicates “buy 10 contracts when market reaches 94.5.” The “10” maybe a trading algorithm parameter. The unique identifier may not changeif the “10” is changed and the logic of the trading algorithm remainsthe same.

In some examples, a unique identifier may change when one, some, or allof the parameters are changed, but the change may be such that all orsome of the unique identifier is still matched with a previouslygenerated unique identifier. For example, a trading algorithm, asoriginally created, may be associated with a unique identifier of“98765.” As discussed in more detail below, the unique identifier may beauthorized and saved to a server device. Prior to launching the tradingalgorithm but after the trading algorithm is authorized, one or moretrading algorithm parameters are changed but the logic of the tradingalgorithm remains the same. In this example, saving the tradingalgorithm and new parameters causes the unique identifier to change to“98765-V.” In this example, when the server device compares the newunique identifier to the unique identifier saved on the server device,it may allow for the difference in the unique identifiers. In thisexample, the first five characters of the unique identifier match.Accordingly, the server device may execute the trading algorithm.

Allowing trading algorithm parameters to change without causing theunique identifier, which is associated with that trading algorithm, tochange may provide flexibility to a trader. For example, the tradingalgorithm may include a conditional statement that indicates “buy 10contracts when market reaches 94.5.” The user may change the “10” to “5”or “15” without causing the unique identifier to change. This allows thetrader the ability to change the number of contracts that are boughtwithout having to have the trading algorithm authorized again.

Limits may be placed on which parameters may be changed and/or how muchthe parameters may change from the already authorized parameters. Therange of how much a parameter may change or which parameters may changemay be set, for example, by a risk manager. For example, the number ofcontracts to be traded may change within a defined range or tolerance(e.g., +/−10). The trader may change the number of contracts within thistolerance. Outside of this tolerance, the trader may be unable to changethe trading algorithm variables.

The foregoing and following discussions of the unique identifier referto a single identifier in or based on a single file. However, it shouldbe understood that the unique identifier may be a collection of or basedon multiple files and/or multiple unique identifiers.

IV. Example Authorization Techniques

FIGS. 2 and 3A-3H are flow diagrams representative of example machinereadable instructions that may be executed to implement, but is notlimited to implementing, the example system shown in FIG. 1 and/orportions of one or more of that system. The example process(es) of FIGS.2 and 3A-3H may be performed using a processor, a controller and/or anysuitable computing device. For example, the example process(es) of FIGS.2 and 3A-3H may be implemented using coded instructions (for example,computer readable instructions) stored on a tangible computer readablemedium, such as a flash memory, a read-only memory (ROM), and/or arandom-access memory (RAM). In various embodiments, such a tangiblecomputer readable medium is non-transitory.

Some or all of the example process(es) of FIGS. 2 and 3A-3H may beimplemented using any combination(s) of application specific integratedcircuit(s) (ASIC(s)), programmable logic device(s) (PLD(s)), fieldprogrammable logic device(s) (FPLD(s)), discrete logic, hardware,firmware, etc. Also, some or all of the example process(es) of FIGS. 2and 3A-3H may be implemented as any combination(s) of any of theforegoing techniques, for example, any combination of firmware,software, discrete logic and/or hardware. Further, although the exampleprocess(es) of FIGS. 2 and 3A-3H is disclosed with reference to the flowdiagram of FIGS. 2 and 3A-3H, other methods of implementing theprocess(es) of FIGS. 2 and 3A-3H may be employed. For example, the orderof execution of the blocks may be changed, and/or some of the blocksdisclosed may be changed, eliminated, sub-divided, or combined.Additionally, any or all of the example process(es) of FIGS. 2 and 3A-3Hmay be performed sequentially and/or in parallel by, for example,separate processing threads, processors, devices, discrete logic,circuits, etc.

FIG. 2 is a flow diagram illustrating an example method for authorizinga trading algorithm. At block 201, a trading algorithm is designed. Asdisclosed above with respect to FIG. 1, a user of the client device 112may, for example, use the trading algorithm design application 116 todesign a trading algorithm and/or a trading algorithm definitioncorresponding to the trading algorithm.

At block 202, the trading algorithm is authorized on a remote algorithmserver (for example, the server device 122 shown in FIG. 1) operable toexecute programming code representing the trading algorithm. Thealgorithm server may be remote or directly connected to the risk managerdevice 114. In some examples, the authorization may include receiving auser input (for example, through a graphical user interface of a programrunning on the risk manager device 114).

As disclosed above with respect to FIG. 1, a risk manager may evaluateand/or authorize the trading algorithm definition using the risk managerdevice 114. The risk manager device 114 may be a remote device relativeto the client device 112. In some examples, the risk manager mayevaluate the trading algorithm definition to determine the likely oractual risk of the trading algorithm. For example, a risk manager mayevaluate the conditional statement “buy 10 contracts when market reaches94.5” in a trading algorithm definition to determine if the conditionalstatement exceeds an acceptable risk level. In some examples, the riskmanager may evaluate the trading algorithm definition to evaluate thelogic of the trading algorithm. For example, a risk manager may evaluatethe conditional statement “buy 10 contracts when market reaches 94.5” todetermine if the conditional statement will function properly by itself,with another conditional statement, in the desired exchange or desiredmarket, or any combination thereof. In some examples, the risk managermay review the tradeable objects in a spread, for example, to determinewhether price movements of the tradeable objects are related. In someexamples, the risk manager may review the trading algorithm definitionto evaluate the logic and the risk level of the trading algorithm. Insome examples, criterion for determining logic and risk level of atrading algorithm definition may be stored to the risk manager device114, for example, to assist the risk manager in reviewing the tradingalgorithm definition. In some examples, the risk manager may review thetrading algorithm, trading algorithm definition, or both on the clientdevice 112 and/or another device.

The risk manager may facilitate the sending of an authorization to theserver device 122 using the risk manager device 114. In some examples,the authorization is sent directly to the server device 122. Forexample, the risk manager may use an authentication interface of therisk manager device 114 to send a unique identifier of a tradingalgorithm definition directly to the server device 122. The uniqueidentifier may be associated with the programming code representing thetrading algorithm, one or more traders authorized to execute theprogramming code, a version of the trading algorithm, or any combinationthereof. In some examples, the authorization is sent to the serverdevice 122 by way of one or more other devices. For example, the riskmanager may use an authentication interface of the risk manager device114 to send a certificate of authentication for a trading algorithmdefinition to the client device, which may in turn send the certificateto the server device 122. In some examples, the risk manager may use anauthentication interface of the risk manager device 114 to send thetrading algorithm definition to a third-party device (for example, acomputing device of a government official authorized to evaluate tradingalgorithms) for further authentication.

At block 203, a trade execution command is received by the server device122. The trade execution command includes one or more identifiers foruse in authentication. For example, the trade execution command mayinclude programming code, a unique identifier, a trader identifier, acertificate, or any combination thereof.

At block 204 and decision block 205, the trade execution command isvalidated. A decision is made whether the one or more identifiers in thetrade execution command are valid (decision block 205). If the one ormore identifiers in the trade execution command are valid, then theprogramming code is executed (block 206) and the user is notified thatthe programming code was executed (block 207). If, however, the one ormore identifiers in the trade execution command are not valid, then themethod bypasses the execution of the programming code and notifies theuser(s) that the programming code was not executed (block 207).

For example, a user (for example, a trader) may use the client device112 to send a trade execution command, including a trading algorithm anda unique identifier, to the server device 122. Upon receipt, the serverdevice 122 may compare the unique identifier to a unique identifier thatwas approved (for example, by a risk manager) and stored to the serverdevice 122. If the unique identifiers at least substantially match, thenthe server device 122 would execute programming code corresponding tothe trading algorithm and notify the user as such (for example, bysending an e-mail). Otherwise, the server device 122 would not executethe programming code and would notify the user that the programming codewas not executed.

FIGS. 3A-3H are flow diagrams illustrating example methods forauthorizing a trading algorithm. In FIGS. 3A-3H, the exchange 126,server device 122, client device 112, and risk manager 114 areillustrated as vertical lines. For clarity and ease of description, thegateway 124 is not shown. However, it should be understood that thegateway may operate in conjunction with the exchange 126, server device122, client device 112, and risk manager 114.

In the illustrated examples, each of the exchange 126, server device122, client device 112, and risk manager 114 may execute one or moreprocesses. In FIGS. 3A-3H, processes are shown as blocks aligned alongthe respective device that executes the respective processes in thatparticular example. An arrow depicts information conveyed from onedevice to another device. For example, in FIG. 3A, arrow 316 arepresents the sending of at least a trading algorithm and a uniqueidentifier from the client device 112 to the risk manager device 114.Logical processes are also depicted by arrows. For example, in FIG. 3A,the “yes” arrow arising from decision block 338 a represents the serverdevice 122 transitioning from decision block 338 a to block 340 a. Theorder of the disclosed information flow and/or logical processes may bechanged, and/or some of the disclosed information flow and/or logicalprocesses may be changed, eliminated, sub-divided, or combined.

A. Example 1

With reference to FIG. 3A, at block 310 a, a trading algorithm isdesigned on the client device 112. As disclosed above, the client device112 may include a trading algorithm design tool, such as ADL, thatenables a user to design the trading algorithm and/or the tradingalgorithm definition.

At block 312 a, a unique identifier is generated on the client device112. As disclosed above, the unique identifier corresponds to one ormore of the trading algorithm and the trading algorithm definition. Inthe illustrated example, the unique identifier is generated in responseto one or more events (for example, saving or modifying the tradingalgorithm definition).

At block 314 a, the client device 112 sends at least the uniqueidentifier and the trading algorithm definition to the risk managerdevice 114 (arrow 316 a). In some examples, the client device 112 alsosends the trading algorithm to the risk manager device 114.

At block 318 a, the trading algorithm definition is authorized at therisk manager device 114. As disclosed above, the trading algorithmdefinition may be authorized by software running on the risk managerdevice 114 alone or by a combination of such software and user inputfrom a risk manager. For example, as part of block 318 a, the riskmanager device 114 may present the trading algorithm definition to therisk manager, in graphical form or otherwise, to enable the risk managerto analyze the trading algorithm definition. Additionally oralternatively, the risk manager device 114 may conduct an analysis ofthe trading algorithm definition and then present that analysis to therisk manager.

At block 320 a, the risk manager device 114 conveys an authorization tothe server device 122 (arrow 322 a). In the illustrated example, theauthorization includes the unique identifier and either the tradingalgorithm or programming code representing the trading algorithm. If, atblock 314 a, the client device 112 sent the trading algorithm to therisk manager device 114, then the risk manager device 114 may send thattrading algorithm or programming code representing that tradingalgorithm to the server device 122. However, if, at block 314 a, theclient device 112 did not send the trading algorithm to the risk managerdevice 114, then the risk manager device 114 may derive the tradingalgorithm from the trading algorithm definition received from the clientdevice 112 (for example, using ADL), and then send the trading algorithmor programming code representing the trading algorithm to the serverdevice 122.

At block 324 a of the illustrated example, the server device 122 storesthe received unique identifier and the trading algorithm or programmingcode representing the trading algorithm. In this example, the serverdevice 122 is configured to execute any programming code correspondingto any subsequently received trading algorithm having a uniqueidentifier at least substantially matching the stored unique identifier.

At block 326 a of the illustrated example, the server device 122notifies the user of the client device 112 and/or the risk managerdevice 114 that the server device 122 has received and stored the uniqueidentifier and trading algorithm (arrow 328 a). Also at block 326 a ofthe illustrated example, the server device 122 notifies the user of theclient device 112 and/or the risk manager device 114 that the serverdevice 122 is ready to execute programming code corresponding to thetrading algorithm (arrow 330 a).

At block 332 a, the user of the client device 112 may launch the tradingalgorithm. Launching the trading algorithm may include sendinginformation related to a trading algorithm to a server device forexecution or executing the trading algorithm. When launching the tradingalgorithm, the client device 112 sends at least the unique identifier tothe server device 122 (arrow 334 a). In some examples, the client device112 additionally sends the trading algorithm to the server device 122.For example, the unique identifier associated with the trading algorithmmay be embedded in the file containing the trading algorithm, and theclient device 112 may send that file to the server device 122.

At block 336 a, the server device 122 compares the unique identifierreceived from the client device 112 (at block 332 a) to the uniqueidentifier stored by the server device 122 (at block 324 a). At block338 a, the server device 122 compares the unique identifiers todetermine whether the unique identifiers at least substantially match.In some examples, the server device 122 may determine whether the uniqueidentifiers exactly match (for example, whether the unique identifiersare bit-for-bit identical). In some examples, the server device 122 maydetermine whether the unique identifiers substantially match (forexample, whether a portion of one unique identifier matches a portion ofthe other unique identifier). If the unique identifiers at leastsubstantially match, then at block 340 a, the server device 122 executesprogramming code corresponding to the trading algorithm. Arrow 342 arepresents information (for example, trades) being exchanged between theserver device 122 and the exchange 126. If, however, the uniqueidentifiers do not at least substantially match, then at block 344 a,the server device 122 does not execute the programming codecorresponding to the trading algorithm. Additionally, the server device122 notifies one or more of the user of the client device 112 (arrow 346a) and the risk manager (arrow 348 a) that the server device 122 has notexecuted the programming code.

B. Example 2

FIG. 3B shows an example method for authorizing a trading algorithm. InFIG. 3B, the unique identifier is generated by the risk manager 114device, rather than by the client device 112.

At block 310 b of FIG. 3B, a trading algorithm is designed on the clientdevice 112. At block 314 b, the client device 112 sends at least thetrading algorithm definition to the risk manager device 114 (arrow 316b). In some examples, the client device 112 additionally sends thetrading algorithm to the risk manager device 114. At block 318 b, thetrading algorithm definition is authorized at the risk manager device114, in a similar manner as disclosed above in connection with FIG. 3A.

At block 319 b, a unique identifier is generated on the risk managerdevice 112. The unique identifier may be generated, for example, afterthe risk manager reviews and/or approves the trading algorithmdefinition. The risk manager may generate the unique identifier, forexample, by inputting a combination of letters and numbers into a userinterface of the risk manager device 112, which may, in turn, store theunique identifier. In some examples, the risk manager may facilitate thegeneration of a unique identifier using the risk manager device 114,which may, in turn, generate and store a unique identifier having apseudorandom combination of letters and numbers.

At block 320 b, an authorization is sent from the risk manager device114 to the server device 122 (arrow 322 b). As disclosed above, theauthorization includes the unique identifier and either the tradingalgorithm or programming code representing the trading algorithm. In theillustrated example of FIG. 3B, the risk manager also sends the uniqueidentifier from the risk manager device 114 to the client device 112 toenable the user of the trading algorithm (for example, the trader) tofacilitate the execution of the trading algorithm on the server device122 (arrow 323 b).

At block 324 b of the illustrated example, the server device 122 storesthe received unique identifier and the trading algorithm or programmingcode representing the trading algorithm. In this example, the serverdevice 122 is configured to execute any programming code correspondingto any subsequently received trading algorithm having a uniqueidentifier at least substantially matching the stored unique identifier.

At block 326 b of the illustrated example, the server device 122notifies the user of the client device 112 and/or the risk managerdevice 114 that the server device 122 has received and stored the uniqueidentifier and trading algorithm (arrow 328 b). Also at block 326 b ofthe illustrated example, the server device 122 notifies the user of theclient device 112 and/or the risk manager device 114 that the serverdevice 122 is ready to execute programming code corresponding to thetrading algorithm (arrow 330 b).

At block 332 b, the user of the client device 112 may launch the tradingalgorithm. Launching the trading algorithm may include sendinginformation related to a trading algorithm to a server device forexecution or executing the trading algorithm. When launching the tradingalgorithm, the client device 112 sends at least the unique identifier tothe server device 122 (arrow 334 b). In some examples, the client device112 additionally sends the trading algorithm to the server device 122.For example, the unique identifier associated with the trading algorithmmay be embedded in the file containing the trading algorithm, and theclient device 112 may send that file to the server device 122.

At block 336 b, the server device 122 compares the unique identifierreceived from the client device 112 (at block 332 b) to the uniqueidentifier stored by the server device 122 (at block 324 b). At block338 b, the server device 122 compares the unique identifiers todetermine whether the unique identifiers at least substantially match.If the unique identifiers at least substantially match, then at block340 b, the server device 122 executes programming code corresponding tothe trading algorithm. Arrow 342 b represents information (for example,trades) being exchanged between the server device 122 and the exchange126. If, however, the unique identifiers do not at least substantiallymatch, then at block 344 b, the server device 122 does not execute theprogramming code corresponding to the trading algorithm. Additionally,the server device 122 notifies one or more of the user of the clientdevice 112 (arrow 346 b) and the risk manager (arrow 348 b) that theserver device 122 has not executed the programming code.

C. Example 3

FIG. 3C shows an example method for authorizing a trading algorithm. Inthe example method shown in FIG. 3C, the unique identifier is generatedby the server device 122, rather than by the client device 112 or therisk manager device 114.

At block 310 c of FIG. 3C, a trading algorithm is designed on the clientdevice 112. At block 314 c, the client device 112 sends at least thetrading algorithm definition to the risk manager device 114 (arrow 316c). In some examples, the client device 112 additionally, sends thetrading algorithm to the risk manager device 114. At block 318 c, thetrading algorithm definition is authorized at the risk manager device114.

At block 320 c, an authorization is sent from the risk manager device114 to the server device 122 (arrow 322 c). In the illustrated example,the authorization includes at least the trading algorithm and/orprogramming code representing the trading algorithm.

At block 324 c, a unique identifier is generated on the server device122 and stored to the server device 122. The server device 122 maygenerate the unique identifier, for example, by determining a hash valueof the trading algorithm and/or programming code corresponding to thetrading algorithm, and the hash value may be stored to the server device122 as the unique identifier. The server device 122 may generate andstore a unique identifier in additional or alternative manners.

At block 326 c, the server device 122 sends a notification to the user(for example, a trader) of the client device 112 (for example, bysending an e-mail), as represented by arrow 328 c. The notificationincludes at least the unique identifier generated by the server device122. The unique identifier enables the user to facilitate the executionof the trading algorithm.

At block 332 c, the user of the client device 112 uses the client device112 to launch the trading algorithm. Launching the trading algorithm mayinclude sending information related to a trading algorithm to a serverdevice or executing the trading algorithm. When launching the tradingalgorithm, the client device 112 sends at least the unique identifier tothe server device 122 (arrow 334 c). In some examples, the client device112 additionally sends the trading algorithm to the server device 122.For example, the unique identifier associated with the trading algorithmmay be embedded in the file containing the trading algorithm, and theclient device 112 may send that file to the server device 122.

At block 336 c, the server device 122 compares the unique identifierreceived from the client device 112 (at block 332 c) to the uniqueidentifier stored by the server device 122 (at block 324 c). At block338 c, the server device 122 compares the unique identifiers todetermine whether the unique identifiers at least substantially match.If the unique identifiers at least substantially match, then at block340 c, the server device 122 executes programming code corresponding tothe trading algorithm. Arrow 342 c represents information (for example,trades) being exchanged between the server device 122 and the exchange126. If, however, the unique identifiers do not at least substantiallymatch, then at block 344 c, the server device 122 does not execute theprogramming code corresponding to the trading algorithm. Additionally,the server device 122 notifies one or more of the user of the clientdevice 112 (arrow 346 c) and the risk manager (arrow 348 c) that theserver device 122 has not executed the programming code.

D. Example 4

FIG. 3D shows an example method for authorizing a trading algorithm. Themethod shown in FIG. 3D involves the use of a certificate. In theillustrated example, the certificate cannot be modified by a user otherthan the risk manager and contains information sufficient to indicatethat the risk manager has approved the trading algorithm associated withthe certificate. As such, the certificate may be sent to the serverdevice 122 by the risk manager or another user (for example, the traderauthorized to execute the trading algorithm).

At block 310 d, a trading algorithm is designed on the client device112. At block 314 d, the client device 112 sends at least the tradingalgorithm definition to the risk manager device 114. Arrow 316 drepresents the sending of at least the trading algorithm definition fromthe client device 112 to the risk manager 114. The client device 112 mayalso, but need not, send the trading algorithm and/or the uniqueidentifier of the trading algorithm and/or trading algorithm definitionto the risk manager device 114. At block 318 d, the trading algorithmdefinition is authorized at the risk manager device 114.

At block 319 d, a certificate is generated at the risk manager device114. In the illustrated example, the certificate includes at leastcertification information and a unique identifier. Certificationinformation refers to information indicating that the risk manager hascertified the trading algorithm. For example, the certificationinformation may be a hash value of a unique risk manager identifier,which identifies the risk manager reviewing and/or authorizing thetrading algorithm definition. The hash value of the unique risk manageridentifier may be stored to the server device 122. This storage locationmay enable a user other than the risk manager to see the hash value ofthe unique risk manager identifier, but not the unique risk manageridentifier itself. Also, the server device 122 may validate the hashvalue by comparing it with the hash value stored to the server device122. The certification information may be take additional or alternativeforms.

At block 320 d, the risk manager device 114 sends the certificate to theclient device 112 (arrow 222). At block 323 d, the client device 112uploads at least the trading algorithm and/or programming codeassociated with the trading algorithm, along with the certificate, tothe server device 122 (arrow 324 d). At block 325 d, the server device122 extracts the certification information and unique identifier fromthe certificate and stores the certification information and uniqueidentifier. At block 327 d, the server device 122 validates thecertification information to ensure that the certification informationcorresponds to a certifier. For example, the server device 122 maycompare the received certification information to certificationinformation stored at the server device 122, and on that basis,determine whether the extracted certification information corresponds toa certifier.

At decision block 329 d, the server device 122 determines whether thecertification information corresponds to a legitimate certifier. If thecertification does not correspond to a legitimate certifier, then theserver device 122 rejects the trading algorithm and the uniqueidentifier (block 331 d) and notifies the client device 112 of such arejection (block 333 d and arrow 335 d). If, however, the certificationinformation corresponds to a legitimate certifier, then at block 337 d,the server device 122 stores the trading algorithm and the correspondingunique identifier. At block 339 d, the server device 122 awaits anexecute command having a unique identifier. Although not shown in FIG.3D, the server device 122 is configured to compare the unique identifierin any received execute command to the unique identifier stored to theserver device 122 at block 324 d. At least in part on the basis of thatcomparison, the server device 122 is to execute or reject programmingcode corresponding to the trading algorithm.

E. Example 5

FIG. 3E shows an example method for authorizing a trading algorithm. Inthe example method disclosed in FIG. 3E, the client device 112 sends thetrading algorithm and/or programming code corresponding to the tradingalgorithm to the server device 122 (block 315 e). Therefore, at block320 e of FIG. 3E, because the server device 122 already has the tradingalgorithm and/or programming code corresponding to the tradingalgorithm, the risk manager device 114 need only send the uniqueidentifier. Arrow 322 e represents the sending of at least the uniqueidentifier from the risk manager device 114 to the server device 122.

At block 324 e of the illustrated example, the server device 122 storesthe received unique identifier. At block 326 e, the server device 122notifies the user of the client device 112 and/or the risk managerdevice 114 that the server device 122 has received and stored the uniqueidentifier and trading algorithm (arrows 328 e and 330 e).

At block 332 e, the user of the client device 112 launches the tradingalgorithm. Launching the trading algorithm may include sendinginformation related to a trading algorithm to a server device orexecuting the trading algorithm. When launching the trading algorithm,the client device 112 sends at least the unique identifier to the serverdevice 122 (arrow 334 e). At block 336 e, the server device 122 comparesthe unique identifier received from the client device 112 (at block 332e) to the unique identifier stored by the server device 122 (at block324 e). At block 338 e, the server device 122 compares the uniqueidentifiers to determine whether the unique identifiers at leastsubstantially match. If the unique identifiers at least substantiallymatch, then at block 340 e, the server device 122 executes programmingcode corresponding to the trading algorithm. Arrow 342 e representsinformation (for example, trades) being exchanged between the serverdevice 122 and the exchange 126. If, however, the unique identifiers donot at least substantially match, then at block 344 e, the server device122 does not execute the programming code corresponding to the tradingalgorithm. Additionally, the server device 122 notifies one or more ofthe user of the client device 112 (arrow 346 e) and the risk manager(arrow 348 e) that the server device 122 has not executed theprogramming code.

F. Example 6

FIG. 3F shows an example method for authorizing a trading algorithm. Themethod of FIG. 3F involves the use of a trader identifier. The traderidentifier may be a form of a unique identifier. The trader identifiermay identify, for example, a particular user (for example, a trader),software used by the particular user, a work station operated by theparticular user, an experience level associated with the user, a tradingdepartment associated with the user, or a combination of these. Thetrader identifier may be known to the user of the client device 112. Insome examples, the trader identifier is stored to the client device 112and appears on a user interface generated by the client device 112.

After a trading algorithm is designed on the client device 112 (block310 f), the client device 112 sends at least the trader identifier andthe trading algorithm definition to the risk manager device 114 (block314 f and arrow 316 f). In some examples, the client device 112additionally sends the trading algorithm to the risk manager device 114.

At block 318 f, the trading algorithm definition is authorized at therisk manager device 114. At block 320 f, an authorization is sent fromthe risk manager device 114 to the server device 122. The authorizationincludes the trader identifier, along with the trading algorithm orprogramming code representing the trading algorithm (arrow 322 f).

At block 324 f, the server device 122 stores the received traderidentifier. In some examples, the server device 122 stores the tradingalgorithm or programming code representing the trading algorithm. Atblock 326 f, the server device 122 notifies the user of the clientdevice 112 and/or the risk manager device 114 that the server device 122has received and stored the trader identifier and trading algorithm(arrows 328 f and 330 f).

At block 332 f, the user of the client device 112 uses the client device112 to launch the trading algorithm. Launching the trading algorithm mayinclude sending information related to a trading algorithm to a serverdevice or executing the trading algorithm. When launching the tradingalgorithm, the client device 112 sends at least the trading algorithmand the trader identifier to the server device 122 (arrow 334 f). Atblock 336 f, the server device 122 compares the trader identifierreceived from the client device 112 (at block 332 f) to the traderidentifier stored by the server device 122 (at block 324 f). At block338 f, the server device 122 compares the trader identifiers todetermine whether the trader identifiers at least substantially match.If the trader identifiers at last substantially match, then at block 340f, the server device 122 executes programming code corresponding to thetrading algorithm. Arrow 342 f represents information (for example,trades) being exchanged between the server device 122 and the exchange126. If, however, the trader identifiers do not at least substantiallymatch, then at block 344 f, the server device 122 does not execute theprogramming code corresponding to the trading algorithm. Additionally,the server device 122 notifies one or more of the user of the clientdevice 112 (arrow 346 f) and the risk manager (arrow 348 f) that theserver device 122 has not executed the programming code.

A unique identifier may be used in conjunction with the traderidentifier. For example, a unique identifier may be generated and sentto the user of the client device 112, as disclosed above with referenceto FIGS. 3A and 3B. The user may then instruct the client device 112 tosend the trading algorithm, trader identifier, and unique identifier tothe server device 122. The server device 122 may then compare the uniqueidentifier and the trader identifier stored to the server device 122,respectively, to the received unique identifier and trader identifier.The server device 122 may then execute programming code corresponding tothe trading algorithm, if the trader identifiers at least substantiallymatch and the unique identifiers at least substantially match.

G. Example 7

FIG. 3G shows an example method for authorizing a trading algorithm. Themethod disclosed in FIG. 3G includes a second authorizer and, therefore,a second level of authorization. As shown in FIG. 3G, the example methodincludes a third-party device 140, which may have a similarconfiguration to the risk manager device 114. The third-party device 140may be, for example, a computing device of a government official who isto review and/or authorize trading algorithms. In some examples, thethird-party device 140 is a computing device of a trading algorithmauditor who works outside the organization of the user authorized tofacilitate the execution of the trading algorithm. In some examples, thetrading algorithm auditor reviews the trading algorithm not only withina context of a particular trading group or portfolio, but within abroader or different context (for example, a trading market or a segmentof a trading market). In some examples, the third-party device 140 is acomputing device of a supervisor of the user authorized to facilitatethe execution of the trading algorithm.

As shown in FIG. 3G, a trading algorithm is designed (block 310 g), aunique identifier is generated (block 312 g), and the trading algorithmdefinition and unique identifier are sent to the risk manager device 114(block 314 g and arrow 316 g). Using the risk manager device 114, thetrading algorithm is authorized (block 318 g), and the trading algorithmand unique identifier are sent to the third-party device 140 (block 320g). Using the third-party device, the trading algorithm is thenauthorized (block 319 g) and the trading algorithm and unique identifierare sent to the server device 122 (block 321 g and arrow 322 g). Theunique identifier is then stored to the server device 122 (block 324 g).At block 339 g, the server device 122 awaits an execute command having aunique identifier. Although not shown in FIG. 3G, the server device 122is configured to compare the unique identifier in any received executecommand to the unique identifier stored to the server device 122 atblock 324 g. At least in part on the basis of that comparison, theserver device 122 is to execute or reject programming code correspondingto the trading algorithm.

H. Example 8

FIG. 3H shows an example method for authorizing a trading algorithm. Inthe example method disclosed in FIG. 3H, at the client device 112, thetrading algorithm is designed (block 310 h), the unique identifier isgenerated (block 312 h), and the trading algorithm definition and uniqueidentifier are sent to the risk manager device (block 314 h and arrow316 h). At the risk manager device 114, the trading algorithm isauthorized (block 318 h) and an authorization is sent to the serverdevice 122 (block 320 h and arrow 322 h).

At block 324 h, the server device 122 stores the received uniqueidentifier. At block 326 h, the server device 122 notifies the user ofthe client device 112 and/or the risk manager device 114 that the serverdevice 122 has received and stored the unique identifier and tradingalgorithm (arrows 328 h and 330 h).

At block 332 h, the user of the client device 112 launches the tradingalgorithm. Launching the trading algorithm may include sendinginformation related to a trading algorithm to a server device orexecuting the trading algorithm. When launching the trading algorithm,the client device 112 sends the unique identifier and the tradingalgorithm to the server device 122 (arrow 334 h). At block 336 h, theserver device 122 compares the unique identifier received from theclient device 112 (at block 332 h) to the unique identifier stored bythe server device 122 (at block 324 h). At block 338 h, the serverdevice 122 compares the unique identifiers to determine whether theunique identifiers at least substantially match. If the uniqueidentifiers at least substantially match, then at block 340 h, theserver device 122 executes programming code corresponding to the tradingalgorithm. Arrow 342 h represents information (for example, trades)being exchanged between the server device 122 and the exchange 126. If,however, the unique identifiers do not at least substantially match,then at block 344 h, the server device 122 does not execute theprogramming code corresponding to the trading algorithm. Additionally,the server device 122 notifies one or more of the user of the clientdevice 112 (arrow 346 h) and the risk manager (arrow 348 h) that theserver device 122 has not executed the programming code.

I. Example 9

FIG. 3I shows an example method for authorizing a trading algorithm. Inthe example method disclosed in FIG. 3I, at the client device 112, thetrading algorithm is designed (block 310 i) and the trading algorithmdefinition is sent to the risk manager device (block 314 i and arrow 316i). At the risk manager device 114, the trading algorithm is authorized(block 318 i). Authorization may include generating a unique identifier.For example, the risk manager device 114 may generate a hash for thetrading algorithm. The authorization is sent to the server device 122(block 320 i and arrow 322 i). For example, the hash associated with thetrading algorithm is sent to the server device 122.

At block 324 i, the server device 122 stores the received uniqueidentifier. The unique identifier may be stored in a list of uniqueidentifiers that have been approved. The list may be specific to atrader or a general list of approved unique identifiers (e.g.,non-trader specific). For example, the server device 122 may store thehash. At block 326 i, the server device 122 notifies the user of theclient device 112 and/or the risk manager device 114 that the serverdevice 122 has received and stored the unique identifier (arrows 328 iand 330 i). It is noted that notification may be optional. For example,a user may select whether to receive a notification. The notification tothe risk manager device 114 may be a confirmation that the uniqueidentifier was stored on the server device 122.

At block 332 i, the user of the client device 112 launches the tradingalgorithm. Launching the trading algorithm may include sendinginformation related to a trading algorithm to a server device. Whenlaunching the trading algorithm, the client device 112 sends the tradingalgorithm to the server device 122 (arrow 334 i). At block 336 i, theserver device 122 generates a unique identifier based on the receivedtrading algorithm. For example, using the trading algorithm, the serverdevice 122 may generate a hash for the trading algorithm. The hash maybe generated based on the trading algorithm, trading algorithmdefinition, or programming code. The same hash function that the riskmanager device 114 may be used when generating the unique identifier.Also at block 336 i, the server device 122 may check the generatedunique identifier. Checking the unique identifier may include storingthe unique identifier.

At block 338 i, the server device 122 compares the unique identifiers todetermine whether unique identifiers at least substantially match.Checking may include comparing the unique identifier generated at block336 i to a list of approved (e.g., authorized) unique identifiers storedon the server device 122. For example, the server device 122 may comparea hash that was generated by the server device 122 based on theprogramming code sent from the client device 112 to a list of approvedhash codes that were transmitted from the risk manager device 114. Ifthe unique identifiers at least substantially match, then at block 340i, the server device 122 executes programming code corresponding to thetrading algorithm. Arrow 342 i represents information (for example,trades) being exchanged between the server device 122 and the exchange126. If, however, the unique identifiers do not at least substantiallymatch, then at block 344 i, the server device 122 does not execute theprogramming code corresponding to the trading algorithm. Additionally,the server device 122 notifies one or more of the user of the clientdevice 112 (arrow 346 i) and the risk manager (arrow 348 i) that theserver device 122 has not executed the programming code.

J. Example 9

FIG. 3J shows an example method for authorizing a trading algorithm. Inthe example method shown in FIG. 3J, the risk manager device 114 doesnot send the unique identifier to the server device 122 directly.

In the example method disclosed in FIG. 3J, at the client device 112,the trading algorithm is designed (block 310 j) and the tradingalgorithm definition is sent to the risk manager device (block 314 j andarrow 316 j). At the risk manager device 114, the trading algorithm isauthorized (block 318 j). Authorization may include generating a uniqueidentifier. For example, the risk manager device 114 may generate aunique identifier that includes or is associated with a digitalsignature or a cryptographic key. A digital signature is a mathematicalscheme for demonstrating the authenticity of a digital message ordocument. A valid digital signature gives a recipient reason to believethat the message was created by a known sender, and that it was notaltered in transit. Digital signatures may be used for softwaredistribution, financial transactions, and in other cases where it isimportant to detect forgery or tampering. The digital signature may beapplied directly to the trading algorithm or trading algorithmdefinition. A cryptographic key may be used to detect the recipient. Acryptographic key may be applied to the trading algorithm or tradingalgorithm definition. The authorization is sent to the client device 122(block 320 j and arrow 322 j). In addition to be transmitted alone, theunique identifier may be transmitted in the trading algorithm or tradingalgorithm definition. For example, the risk manager device 114 maytransmit the trading algorithm including the digital signature or thecryptographic key.

At block 332 j, the user of the client device 112 launches the tradingalgorithm. Launching the trading algorithm may include sendinginformation related to a trading algorithm to a server device. Whenlaunching the trading algorithm, the client device 112 sends the tradingalgorithm and unique identifier to the server device 122 (arrow 334 j).

At block 338 j, the server device 122 determines whether the tradingalgorithm has been authorized by the risk manager. Determining whetherthe trading algorithm has been authorized may include checking theunique identifier. For example, the digital signature may be examined todetermine the whether the risk manager signed the trading algorithm. Inanother example, the server device may ensure that the proper key isassociated with the trading algorithm. If the unique identifier has beenauthorized, then at block 340 j, the server device 122 executesprogramming code corresponding to the trading algorithm. Arrow 342 jrepresents information (for example, trades) being exchanged between theserver device 122 and the exchange 126. If, however, the uniqueidentifier has not been authorized, then at block 344 i, the serverdevice 122 does not execute the programming code corresponding to thetrading algorithm. Additionally, the server device 122 notifies one ormore of the user of the client device 112 (arrow 346 j) and the riskmanager (arrow 348 j) that the server device 122 has not executed theprogramming code.

V. Example Trading Algorithm Design and Authentication Tools

FIG. 4 is a screenshot associated with an example user interface 400generated in association with the example trading algorithm designapplication 116 of FIG. 1. The trading algorithm design interface 400shown in FIG. 4 is an example of a visual design interface such as ADL.

The example trading algorithm design interface 400 includes a toolportion 402, a trading algorithm definition portion 410, and asimulation controls portion 420. A user (for example, a trader) may usethe trading algorithm design interface 400 to design a tradingalgorithm.

As shown in FIG. 4, the tool portion 402 includes several blocks, suchas, for example, an add block 404, a subtract block 406, and a greaterthan block 408. Each of the blocks in the tool portion 402 correspondsto one or more algorithmic functions. For example, the add block 404 mayreceive two inputs, add them, and produce an output. A user may select ablock in the tool portion 402 and drag that block into the tradingalgorithm definition portion 410 to add the functionality of that blockto a trading algorithm. For example, the user of the trading algorithmdesign software 400 shown in FIG. 4 has added two instrument blocks, anumber block, and a legger block to the trading algorithm definitionportion 404. The user may define relationships between blocks added tothe trading algorithm definition portion 410 by selecting a port of ablock and then selecting a port of another block. For example, the userhas coupled the output of one of the instrument blocks 412 to an inputof the legger block 414. Line 416 illustrates that coupling.

One or more of the blocks from the tool portion 402 may be designated asvariable blocks. For example, the number block 418 in the tradingalgorithm definition portion 410 has been designated as a variableblock, as illustrated in the variable column 422 to the right of thetrading algorithm definition portion 410. In addition, certain of theblocks from the tool portion 402 may be given a default value. Forexample, the number block 418 has been given a default value of five, asillustrated in the default value column 424 to the right of the tradingalgorithm definition portion 410. In other words, when the tradingalgorithm corresponding to the shown trading algorithm definition isexecuted, the trading algorithm will have a variable called “Numb0” thathas a default value of five.

Using the example trading algorithm design interface 400 of FIG. 4, auser may design a trading algorithm and/or trading algorithm definition,name it, and save it to a computing device (for example, the clientdevice 112). As disclosed above, in some examples, the saving of thetrading algorithm definition may prompt the client device 112 togenerate a unique identifier.

FIGS. 5A-5B are screenshots of an example trading algorithmauthentication interface 500 associated with an authenticationapplication running on the risk manager device 114. The exampleauthentication interface 500 enables a risk manager to review and/orauthenticate one or more trading algorithms. The example authenticationinterface 500 includes a user list portion 502 and a user detailsportion 504. The example user list portion 502 of FIG. 5A identifies oneor more users (for example, traders) through one or more correspondingselectable icons. As indicated by highlighting in FIG. 5A, the riskmanager has selected the user “john” on the example interface 500.

The example user details portion 504 includes information about a userselected in the user list portion 502 (for example, john) and one ormore options related to the selected user. For example, using an importbutton 506, the risk manager may open a list of trading algorithmdefinitions associated with the selected user. FIG. 5B shows theauthentication interface 500 of FIG. 5A after the risk manager imports atrading algorithm definition using the import button 506. As shown in anenabled trading algorithms box 508 of FIG. 5B, the risk manager hasimported version seven of a trading algorithm definition called “ZMZSS”.The GUID (5da8d-fced-4c23) of this trading algorithm definition, whichis shown in the enabled trading algorithms box 508, serves as the uniqueidentifier of the trading algorithm. However, the unique identifier neednot be shown in some examples. After the risk manager approves thetrading algorithm definition ZMZSS, the corresponding unique identifiermay be uploaded to a list of approved unique identifiers associated withthe trader account “john”. In FIG. 5B, only one trading algorithmdefinition has been shown. However, the enabled trading algorithms box508 may contain multiple trading algorithm definitions, in which casethe risk manager may use an “allow any algorithm” dialog 510 and/or an“allow only selected” dialog 512 to approve one or more desired tradingalgorithm definitions. A save button 514 enables the risk manager tosave the desired configuration.

FIG. 6 shows a screenshot of an example trading algorithm launchinginterface 600 that a user (for example, a trader) may use to facilitateexecution of programming code corresponding to a trading algorithm. Thelaunching interface 600 may be a different module of the designinterface 400 (shown, in part, in FIG. 4). Alternatively, the launchinginterface 600 may be independent of the example design interface 400 ofFIG. 4.

As shown in FIG. 6, the user has loaded the trading algorithm definition“ZMZSS”, for which the account “john1234” has been authorized toexecute. Using a launch button 602, the user may attempt to launchprogramming code corresponding to the trading algorithm definition. Agraphical view of the trading algorithm definition is shown in box 604.The user may select box 604 to expand a graphical view of the tradingalgorithm definition and/or edit the trading algorithm definition.However, as disclosed above, if the user edits the trading algorithmdefinition, the user will be unable to execute it until a risk managerand/or third-party approve(s) the modified trading algorithm definition.

When the user selects the launch button 602, the programming code andunique identifier (for example, the GUID shown in FIG. 5B) are sent tothe server device 122. However, as disclosed above, various othercombinations of information may be sent to the server device 122. Forexample, the programming code may already have been sent to the serverdevice 122 (for example, by the risk manager device 114), in which casethe client device 122 need only send the unique identifier to the serverdevice 122. If the server device 122 determines that there is an atleast partial match between the sent unique identifier and the uniqueidentifier stored to the server device 122, then the trading algorithmis confirmed and the server device 122 may execute the programming code.As shown in FIG. 6, in a status column 606, the trading algorithm isrunning, indicating that the server device 122 confirmed the tradingalgorithm and that the server device 122 is executing the programmingcode corresponding to the trading algorithm.

FIG. 7 shows a screenshot of an application window 700 that a user (forexample, a trader) of the client device 112 may use to determine anoperating status of one or more trading algorithms. The applicationwindow 700 may, for example, be a part of the trading algorithm designapplication 116 or the trading application(s) 118 (shown in the exampleof FIG. 1). As shown, the application window 700 includes a table 702listing two trading algorithms, one in each of rows 704 and 706. Thetrading algorithm in row 704, “Oil_Share”, has been rejected by theserver device (for example, the server device 122) because the userattempting to run that trading algorithm does not have permission to runthat trading algorithm. However, the trading algorithm in row 706,“ZMZSS”, has been confirmed by the server device (for example, theserver device 122), as discussed above; therefore, the status of thattrading algorithm in row 706 appears as “Confirm”.

VI. Example Computing Device(s)

A computing device may include a processor and memory. A processor maybe a general processor, digital signal processor, application specificintegrated circuit, field programmable gate array, analog circuit,digital circuit, combinations thereof, or other now known or laterdeveloped processors. A processor may be a single device or acombination of devices, such as associated with a network or distributedprocessing. Any of various processing strategies may be used, such asmulti-processing, multi-tasking, parallel processing, or the like.Processing may be local, as opposed to remote. However, processing canbe performed remotely. Processing may be moved from one processor toanother processor. A processor may be responsive to logic encoded intangible media, which may be non-transitory. The logic may be stored aspart of software, hardware, integrated circuits, firmware, micro-code orthe like.

The memory may be computer readable storage media. Computer readablestorage media may include various types of volatile and non-volatilestorage media, including but not limited to random access memory,read-only memory, programmable read-only memory, electricallyprogrammable read-only memory, electrically erasable read-only memory,flash memory, magnetic tape or disk, optical media and the like. Thememory may be a single device or combinations of devices. The memory maybe adjacent to, part of, programmed with, networked with and/or remotefrom processor.

The processor may be operable to execute logic encoded in one or moretangible media, such as the memory. Logic encoded in one or moretangible media for execution may be instructions that are executable bythe processor and that are provided on the computer-readable storagemedia, memories, or a combination thereof. One or more of these mediamay comprise, contain, and/or store one or more such executableinstructions. The processor may be programmed with and execute thelogic. The functions, acts or tasks illustrated in the figures ordescribed herein may be executed in response to one or more sets oflogic or instructions stored in or on computer readable storage media.The functions, acts or tasks are independent of the particular type ofinstructions set, storage media, processor or processing strategy andmay be performed by software, hardware, integrated circuits, firmware,micro code and the like, operating alone or in combination.

FIG. 8 is a block diagram of an example computing device 800 that may beused to implement the disclosed examples. The computing device 800 mayinclude additional, different, or fewer components.

The computing device 800 includes a processor 802 that is coupled to aninterconnection bus 804. The processor 802 may be any suitableprocessor, processing unit, or microprocessor. The computing device 800may be a multi-processor system and, thus, may include one or moreadditional processors that are communicatively coupled to theinterconnection bus 804.

The processor 802 of FIG. 8 is coupled to a chipset 806, which includesa memory controller 808 and an input/output (I/O) controller 810. As iswell known, a chipset typically provides I/O and memory managementfunctions as well as a plurality of general purpose and/or specialpurpose registers, timers, etc. that are accessible or used by one ormore processors coupled to the chipset 806. The memory controller 808performs functions that enable the processor 802 (or processors if thereare multiple processors) to access a system memory 812 and a massstorage memory 814.

The processor 802 may be operable to execute logic encoded in one ormore tangible media, such as the system memory 812, mass storage memory814, and/or network device 820. As used herein, logic encoded in one ormore tangible media includes instructions that are executable by theprocessor 802 and/or a different processor. The logic may be stored aspart of software, hardware, integrated circuits, firmware, and/ormicro-code. The logic may be received from an external communicationdevice through a communication network connected to the Internet. Theprocessor 802 may execute the logic to perform the disclosed functions,acts, or tasks.

The system memory 812 may include any desired type of volatile and/ornon-volatile memory such as, for example, static random access memory(SRAM), dynamic random access memory (DRAM), flash memory, read-onlymemory (ROM), etc. The mass storage memory 814 may include any desiredtype of mass storage device including hard disk drives, optical drives,tape storage devices, etc. The system memory 812 and the mass storagememory 814 may be a single memory module.

The I/O controller 810 performs functions that enable the processor 802to communicate with peripheral input/output (I/O) devices 816 and 818and a network interface 820 through an I/O bus 822. The I/O devices 816and 818 may be any desired type of I/O device such as, for example, akeyboard, a video display or monitor, a mouse, etc. The networkinterface 820 may be, for example, an Ethernet device, an asynchronoustransfer mode (ATM) device, an 802.11 device, a DSL modem, a cablemodem, a cellular modem, etc. that enables the computing device 800 tocommunicate with another computing device.

While the memory controller 808 and the I/O controller 810 are depictedin FIG. 8 as separate blocks within the chipset 806, the functionsperformed by these blocks may be integrated within a singlesemiconductor circuit or may be implemented using two or more separateintegrated circuits. One or more of the components of the computingdevice 800 may be implemented as a system on a chip (for example, asystem on a chip in a mobile platform).

While examples have been disclosed, various changes may be made andequivalents may be substituted. In addition, many modifications may bemade to adapt a particular situation or material. Therefore, it isintended that the disclosed technology not be limited to the particularexamples disclosed, but will include all examples falling within thescope of the appended claims.

The invention claimed is:
 1. A method comprising: receiving, by acomputing device, a trading algorithm definition corresponding to atrading algorithm, the trading algorithm having a plurality of variableparameters; in response to receiving the trading algorithm definition:generating, by the computing device, programming code representing thetrading algorithm; generating, by the computing device, a uniqueidentifier identifying at least both the programming code representingthe trading algorithm and a trader authorized to execute the programmingcode, where the computing device is configured to modify the uniqueidentifier in response to a change to the trading algorithm; sending, bythe computing device, the unique identifier and the programming coderepresenting the trading algorithm to an algorithm server operable toexecute programming code, and storing, by the algorithm server, theunique identifier sent to the algorithm server and the programming coderepresenting the trading algorithm; receiving, by the computing device,a user input that authorizes the trading algorithm definition forexecution on the algorithm server; in response to the receiving the userinput, launching, by the algorithm server, the programming coderepresenting the trading algorithm; receiving, by the computing device,a parameter range for at least one parameter of the plurality ofvariable parameters; subsequent to launching the programming coderepresenting the trading algorithm, receiving, by the computing device,modifications to the programming code representing the tradingalgorithm, the modification to the programming code including a changeto the at least one parameter; in response to receiving themodifications to the programming code representing the tradingalgorithm, comparing, by the computing device, the change to the atleast one parameter to the parameter range; in response to comparing thechange to the at least one parameter to the parameter range,determining, by the computing device, that the unique identifier storedat the algorithm server has not been modified; in response todetermining that the change to the at least one parameter is within theparameter range and the unique identifier has not been modified,executing, by the algorithm server, at least the modifications to theprogramming code including the change to the at least one parameter; andin response to determining that the change to the at least one parameteris not within the parameter range and the unique identifier has not beenchanged, preventing, by the computing device the modifications to thecode from being executed.
 2. The method of claim 1, wherein the uniqueidentifier is a certificate generated on a risk manager device, andwhere sending the unique identifier comprises sending the certificatefrom the risk manager device to be accessed by a user of a clientcomputing device.
 3. The method of claim 2, wherein the certificate isgenerated using at least one of the unique identifier, the tradingalgorithm definition, the trading algorithm, or programming codecorresponding to the trading algorithm.
 4. The method of claim 1,further comprising sending, in response to receiving the user input, atrader identifier to be associated with the programming coderepresenting the trading algorithm and with a trader authorized toexecute the programming code.
 5. The method of claim 1, wherein theunique identifier and at least one of the trading algorithm definition,the trading algorithm, or programming code associated with the tradingalgorithm are sent from a risk manager device to an authenticationdevice as a first-level authentication, and the authentication device isto provide a second-level authentication to the algorithm server.
 6. Themethod of claim 1, further comprising storing the received tradingalgorithm definition.
 7. The method of claim 1, further comprisingsending a notification to be accessed by a user of the trading algorithmdesign interface, indicating that the trading algorithm has beenauthorized for execution.
 8. The method of claim 1, wherein the uniqueidentifier is at least one of a hash value, a trader identifier, or aglobally unique identifier.